AttackFeed by Joe Wagner | libheif v1.21.0 Heap Buffer Overflow in Chunk::Chunk  - Full Disclosure

libheif v1.21.0 Heap Buffer Overflow in Chunk::Chunk  – Full Disclosure

Posted on By Joe-W
Alert Feeds

 

Posted by Ron E on Sep 08

The vulnerability resides in the constructor Chunk::Chunk (
libheif/sequences/chunk.cc:89). When parsing the Sample Size Box (stsz) of
a HEIF sequence track, the code allocates a std::vector<unsigned int> and
then appends entries for each sample size. The count used for allocation
and iteration is taken directly from the bitstream (Box_stsz::parse)
without verifying consistency between declared count and available data.

When the stsz box…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
APPLE-SA-09-15-2025-3 iOS 16.7.12 and iPadOS 16.7.12  – Full Disclosure
September 16, 2025
Alert Feeds
Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617)  – Full Disclosure
August 18, 2025
Alert Feeds
FFmpeg 7.0+ Heap Use-After-Free in FFmpeg HLS Demuxer (libavformat/utils.c)  – Full Disclosure
September 8, 2025
Alert Feeds
libheif v1.21.0 Out-of-Bounds Read in FullBox::get_flags  – Full Disclosure
September 8, 2025
AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.